First published: Fri Jun 30 2023(Updated: )
An issue was discovered in the DoubleWiki extension for MediaWiki through 1.39.3. includes/DoubleWiki.php allows XSS via the column alignment feature.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
MediaWiki MediaWiki | <=1.39.3 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID of this issue is CVE-2023-37304.
The affected software is MediaWiki.
The severity of CVE-2023-37304 is medium.
This vulnerability can be exploited through a cross-site scripting (XSS) attack via the column alignment feature.
Yes, a fix for this vulnerability is available. It is recommended to update to Mediawiki version 1.39.3 or later.